diff options
| author | Johannes Berg <johannes@sipsolutions.net> | 2008-09-10 20:16:36 -0400 |
|---|---|---|
| committer | John W. Linville <linville@tuxdriver.com> | 2008-09-15 16:48:23 -0400 |
| commit | 8aa21e6fd703cb3fed66ac07dcbcb861f00cf6d6 (patch) | |
| tree | ff237c8212a514b87a897161b5dab883528e7bf7 | |
| parent | 7a725f73403e874ec52c58741e9b98cd604dbd03 (diff) | |
mac80211 hwsim: verify vif pointers
mac80211-hwsim is a debugging tool for mac80211, and as such
it can very well verify that mac80211 isn't passing junk to
drivers, especially the vif pointer is prone to this because
for vlan interfaces the AP interface pointer needs to be passed.
This makes mac80211-hwsim add a magic cookie to the private vif
area and verify it whenever an operation is called that gets a
vif pointer.
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
| -rw-r--r-- | drivers/net/wireless/mac80211_hwsim.c | 58 |
1 files changed, 58 insertions, 0 deletions
diff --git a/drivers/net/wireless/mac80211_hwsim.c b/drivers/net/wireless/mac80211_hwsim.c index e855211a90f8..bdedf10fc86b 100644 --- a/drivers/net/wireless/mac80211_hwsim.c +++ b/drivers/net/wireless/mac80211_hwsim.c | |||
| @@ -28,6 +28,29 @@ static int radios = 2; | |||
| 28 | module_param(radios, int, 0444); | 28 | module_param(radios, int, 0444); |
| 29 | MODULE_PARM_DESC(radios, "Number of simulated radios"); | 29 | MODULE_PARM_DESC(radios, "Number of simulated radios"); |
| 30 | 30 | ||
| 31 | struct hwsim_vif_priv { | ||
| 32 | u32 magic; | ||
| 33 | }; | ||
| 34 | |||
| 35 | #define HWSIM_VIF_MAGIC 0x69537748 | ||
| 36 | |||
| 37 | static inline void hwsim_check_magic(struct ieee80211_vif *vif) | ||
| 38 | { | ||
| 39 | struct hwsim_vif_priv *vp = (void *)vif->drv_priv; | ||
| 40 | WARN_ON(vp->magic != HWSIM_VIF_MAGIC); | ||
| 41 | } | ||
| 42 | |||
| 43 | static inline void hwsim_set_magic(struct ieee80211_vif *vif) | ||
| 44 | { | ||
| 45 | struct hwsim_vif_priv *vp = (void *)vif->drv_priv; | ||
| 46 | vp->magic = HWSIM_VIF_MAGIC; | ||
| 47 | } | ||
| 48 | |||
| 49 | static inline void hwsim_clear_magic(struct ieee80211_vif *vif) | ||
| 50 | { | ||
| 51 | struct hwsim_vif_priv *vp = (void *)vif->drv_priv; | ||
| 52 | vp->magic = 0; | ||
| 53 | } | ||
| 31 | 54 | ||
| 32 | static struct class *hwsim_class; | 55 | static struct class *hwsim_class; |
| 33 | 56 | ||
| @@ -210,6 +233,9 @@ static int mac80211_hwsim_tx(struct ieee80211_hw *hw, struct sk_buff *skb) | |||
| 210 | ack = mac80211_hwsim_tx_frame(hw, skb); | 233 | ack = mac80211_hwsim_tx_frame(hw, skb); |
| 211 | 234 | ||
| 212 | txi = IEEE80211_SKB_CB(skb); | 235 | txi = IEEE80211_SKB_CB(skb); |
| 236 | |||
| 237 | hwsim_check_magic(txi->control.vif); | ||
| 238 | |||
| 213 | memset(&txi->status, 0, sizeof(txi->status)); | 239 | memset(&txi->status, 0, sizeof(txi->status)); |
| 214 | if (!(txi->flags & IEEE80211_TX_CTL_NO_ACK)) { | 240 | if (!(txi->flags & IEEE80211_TX_CTL_NO_ACK)) { |
| 215 | if (ack) | 241 | if (ack) |
| @@ -246,6 +272,7 @@ static int mac80211_hwsim_add_interface(struct ieee80211_hw *hw, | |||
| 246 | printk(KERN_DEBUG "%s:%s (type=%d mac_addr=%s)\n", | 272 | printk(KERN_DEBUG "%s:%s (type=%d mac_addr=%s)\n", |
| 247 | wiphy_name(hw->wiphy), __func__, conf->type, | 273 | wiphy_name(hw->wiphy), __func__, conf->type, |
| 248 | print_mac(mac, conf->mac_addr)); | 274 | print_mac(mac, conf->mac_addr)); |
| 275 | hwsim_set_magic(conf->vif); | ||
| 249 | return 0; | 276 | return 0; |
| 250 | } | 277 | } |
| 251 | 278 | ||
| @@ -257,6 +284,8 @@ static void mac80211_hwsim_remove_interface( | |||
| 257 | printk(KERN_DEBUG "%s:%s (type=%d mac_addr=%s)\n", | 284 | printk(KERN_DEBUG "%s:%s (type=%d mac_addr=%s)\n", |
| 258 | wiphy_name(hw->wiphy), __func__, conf->type, | 285 | wiphy_name(hw->wiphy), __func__, conf->type, |
| 259 | print_mac(mac, conf->mac_addr)); | 286 | print_mac(mac, conf->mac_addr)); |
| 287 | hwsim_check_magic(conf->vif); | ||
| 288 | hwsim_clear_magic(conf->vif); | ||
| 260 | } | 289 | } |
| 261 | 290 | ||
| 262 | 291 | ||
| @@ -267,6 +296,8 @@ static void mac80211_hwsim_beacon_tx(void *arg, u8 *mac, | |||
| 267 | struct sk_buff *skb; | 296 | struct sk_buff *skb; |
| 268 | struct ieee80211_tx_info *info; | 297 | struct ieee80211_tx_info *info; |
| 269 | 298 | ||
| 299 | hwsim_check_magic(vif); | ||
| 300 | |||
| 270 | if (vif->type != NL80211_IFTYPE_AP) | 301 | if (vif->type != NL80211_IFTYPE_AP) |
| 271 | return; | 302 | return; |
| 272 | 303 | ||
| @@ -341,7 +372,28 @@ static void mac80211_hwsim_configure_filter(struct ieee80211_hw *hw, | |||
| 341 | *total_flags = data->rx_filter; | 372 | *total_flags = data->rx_filter; |
| 342 | } | 373 | } |
| 343 | 374 | ||
| 375 | static int mac80211_hwsim_config_interface(struct ieee80211_hw *hw, | ||
| 376 | struct ieee80211_vif *vif, | ||
| 377 | struct ieee80211_if_conf *conf) | ||
| 378 | { | ||
| 379 | hwsim_check_magic(vif); | ||
| 380 | return 0; | ||
| 381 | } | ||
| 344 | 382 | ||
| 383 | static void mac80211_hwsim_bss_info_changed(struct ieee80211_hw *hw, | ||
| 384 | struct ieee80211_vif *vif, | ||
| 385 | struct ieee80211_bss_conf *info, | ||
| 386 | u32 changed) | ||
| 387 | { | ||
| 388 | hwsim_check_magic(vif); | ||
| 389 | } | ||
| 390 | |||
| 391 | static void mac80211_hwsim_sta_notify(struct ieee80211_hw *hw, | ||
| 392 | struct ieee80211_vif *vif, | ||
| 393 | enum sta_notify_cmd cmd, const u8 *addr) | ||
| 394 | { | ||
| 395 | hwsim_check_magic(vif); | ||
| 396 | } | ||
| 345 | 397 | ||
| 346 | static const struct ieee80211_ops mac80211_hwsim_ops = | 398 | static const struct ieee80211_ops mac80211_hwsim_ops = |
| 347 | { | 399 | { |
| @@ -352,6 +404,9 @@ static const struct ieee80211_ops mac80211_hwsim_ops = | |||
| 352 | .remove_interface = mac80211_hwsim_remove_interface, | 404 | .remove_interface = mac80211_hwsim_remove_interface, |
| 353 | .config = mac80211_hwsim_config, | 405 | .config = mac80211_hwsim_config, |
| 354 | .configure_filter = mac80211_hwsim_configure_filter, | 406 | .configure_filter = mac80211_hwsim_configure_filter, |
| 407 | .config_interface = mac80211_hwsim_config_interface, | ||
| 408 | .bss_info_changed = mac80211_hwsim_bss_info_changed, | ||
| 409 | .sta_notify = mac80211_hwsim_sta_notify, | ||
| 355 | }; | 410 | }; |
| 356 | 411 | ||
| 357 | 412 | ||
| @@ -452,6 +507,9 @@ static int __init init_mac80211_hwsim(void) | |||
| 452 | BIT(NL80211_IFTYPE_AP); | 507 | BIT(NL80211_IFTYPE_AP); |
| 453 | hw->ampdu_queues = 1; | 508 | hw->ampdu_queues = 1; |
| 454 | 509 | ||
| 510 | /* ask mac80211 to reserve space for magic */ | ||
| 511 | hw->vif_data_size = sizeof(struct hwsim_vif_priv); | ||
| 512 | |||
| 455 | memcpy(data->channels, hwsim_channels, sizeof(hwsim_channels)); | 513 | memcpy(data->channels, hwsim_channels, sizeof(hwsim_channels)); |
| 456 | memcpy(data->rates, hwsim_rates, sizeof(hwsim_rates)); | 514 | memcpy(data->rates, hwsim_rates, sizeof(hwsim_rates)); |
| 457 | data->band.channels = data->channels; | 515 | data->band.channels = data->channels; |